ModSecurity

ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks towards web applications. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a certain file that may result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls available on the market and it will preserve even scripts that aren't updated frequently as it can prevent attackers from using known exploits and security holes. Incredibly comprehensive information about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the standard logs generated by the Apache server, so you may later analyze them and decide whether you need to take more measures in order to enhance the security of your script-driven websites.

ModSecurity in Web Hosting

ModSecurity is offered with every single web hosting solution which we provide and it is activated by default for any domain or subdomain which you include via your Hepsia CP. In case it interferes with any of your apps or you would like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with merely a click. You can also use a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You can view detailed logs in the very same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max protection of our customers we use a set of commercial firewall rules blended with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

Any web program you install within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain that you add or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it completely, but you may also enable a passive mode, so the firewall shall not block anything, but it shall still maintain an archive of potential attacks. This normally requires only a mouse click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update personally as to respond to newly discovered risks as soon as possible.

ModSecurity in VPS Web Hosting

Protection is essential to us, so we install ModSecurity on all virtual private servers which are made available with the Hepsia CP by default. The firewall could be managed through a dedicated section in Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you won't have to do anything manually. You will also be able to disable it or activate the so-called detection mode, so it will maintain a log of potential attacks that you can later study, but shall not block them. The logs in both passive and active modes include details about the kind of the attack and how it was eliminated, what IP address it came from and other useful info which may help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules as from time to time we find specific attacks that aren't yet present inside the commercial group. This way, we could increase the protection of your Virtual private server right away rather than waiting for an official update.

ModSecurity in Dedicated Servers Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In the event that a web app doesn't operate correctly, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any potential attack that could occur, but won't take any action to prevent it. The logs generated in passive or active mode will offer you more details about the exact file which was attacked, the nature of the attack and the IP address it came from, etcetera. This data shall enable you to determine what actions you can take to enhance the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security firm we work with, but occasionally our admins include their own rules also when they come across a new potential threat.